1k Views inPrivacy

What Does a VPN Hide? (And the Things It Can’t Hide)

As a cloud data security expert with over 15 years in the field, one question I‘m often asked is: what exactly does a VPN hide?

Virtual private networks (VPNs) have seen immense growth in recent years. VPN usage grew by 183% between 2019 and 2021, with 689 million people using VPN services worldwide as of 2022 according to Surfshark‘s Global VPN Usage Report.

The reasons for this growth are clear. By creating an encrypted tunnel for your internet traffic, a VPN provides an important layer of privacy and security in today‘s digital world. But I‘m finding many people aren‘t totally clear on the full scope of what VPNs can and can‘t hide when it comes to their online activities.

In this comprehensive guide, I‘ll share my in-depth knowledge on precisely how VPNs work and their key capabilities – as well as notable limitations – for maintaining your privacy as you surf the web.

The Nitty Gritty: How VPNs Function

To start, it‘s helpful to understand what exactly a VPN is at a nuts-and-bolts level. VPN stands for "virtual private network", which aptly describes what this technology does.

When activated, a VPN client on your device encrypts your internet data and connection. It then sends this encrypted traffic through a secure "tunnel" to a remote server run by the VPN provider. This tunnel gives you a direct, private pathway to the wider internet.

The VPN server acts as an intermediary that handles all your traffic. To the rest of the internet, you appear connected from the server‘s IP address instead of your own. The VPN encrypts and obscures the contents of your web activities before sending data requests out to the internet and retrieving the responses back to return to you.

Here is a step-by-step look at the VPN process:

  1. You initiate a connection to a VPN server, which could be located anywhere globally based on your choice.

  2. The VPN client software on your device encrypts your internet data packets using protocols like OpenVPN or IKEv2. This creates a secure, private tunnel.

  3. Your encrypted data travels through the tunnel to the remote VPN server you‘re connected to. This prevents snooping along the route.

  4. The VPN server acts as the middleman, requesting data from websites and services using its own IP address on your behalf.

  5. Websites send requested data back to the VPN server, rather than directly to you.

  6. The VPN server encrypts the data again and sends it through the tunnel back to your device.

  7. The VPN client decrypts the data, allowing you to access the content.

So in summary, a VPN gives you an encrypted tunnel to route your traffic through as opposed to sending data openly over the public internet. This allows you to browse privately and access content anonymously.

Now that we‘ve covered the technical overview, let‘s explore some of the key things a VPN can help hide.

What Can VPNs Conceal?

One major benefit of using a VPN is it obscures your digital footprint from surveillance, whether from cyber criminals, your ISP, or government authorities. Here are five of the main things using a VPN can help hide:

1. Your IP Address

Your IP address may be the most important piece of information a VPN hides. This unique identifier assigned to your internet-connected devices reveals both your location and your identity.

According to a 2022 Data Privacy Report from ExpressVPN, 68% of Americans think hiding their IP address is crucial for maintaining privacy.

When you use a VPN, it masks your actual IP address by assigning you a different one from the VPN server you‘re connected to. This makes it much harder for websites or spying parties to pinpoint your location or track your activities across the internet.

2. Your Physical Location

Since your IP address divulges the general area where you‘re located, obscuring it with a VPN also hides your true physical location.

Let‘s say you live in San Francisco but connect to a VPN server in London. This will make it appear to any website you visit that you‘re located in the UK based on the VPN server‘s IP address.

In a 2022 ExpressVPN survey, 73% of Americans said they considered hiding their physical location highly important for online privacy.

3. The Specifics of Your Web Activities

The encrypted VPN tunnel blocks outside parties from seeing what specific sites you visit or what data you‘re viewing and transferring. They may be able to see generic traffic coming from your IP address, but not the actual contents.

Per a 2021 study by PCMag, 68% of respondents said they considered hiding the specifics of their browsing activities essential when using the internet.

4. Your Traffic on Public Networks

Connecting to public Wi-Fi at a hotel, cafe, airport, or other venue puts you at risk of getting hacked due to the lack of encryption on these open networks.

Turning on a VPN provides a secure, private tunnel to route your traffic and prevent nearby bad actors from snooping on what sites you‘re visiting or data you‘re accessing on public Wi-Fi.

5. Your Identity for Accessing Region-Locked Content

A VPN can change your virtual location by connecting to a server in another country or region. So if you‘re traveling abroad or want to access content limited to certain countries, a VPN will allow you to bypass geographic restrictions and access region-locked sites and services.

According to data from FinancesOnline, 29% of people use VPNs specifically to access restricted content from other countries.

In summary, a VPN adds a major layer of privacy by hiding your IP address, location, web activities, public Wi-Fi traffic, and identity as you surf the web. But there are still some limitations…

The Limitations: What VPNs Can‘t Hide

It‘s important to understand that while VPNs are excellent privacy tools, they aren‘t magical silver bullets. There are certain types of data and traffic a VPN simply doesn‘t obscure. Being aware of these limitations is key to having the right expectations.

1. Your Browser History on Your Local Device

A common misperception is that a VPN erases or hides your browser history. It doesn‘t.

Your web browser still records your local browsing data like sites you visit, searches you do, and cookies/cache based on your activity. A VPN routes your traffic through an encrypted tunnel, but doesn‘t scrub or remove history data stored on your device.

2. Your Activities on Logged Accounts

Similarly, if you sign into accounts with Google, Facebook, Amazon, or any website, they can still identify your activity as belonging to your account profile – even if you access it through a VPN connection. Logging in gives away your identity!

3. Your Search History Linked to Accounts

If you conduct web searches while logged into Google or other search engines, they may record these searches along with your account identity. Again, the VPN doesn‘t hide searches tied to your personal account.

4. Tracking Via Cookies, Ad IDs, and Browser Fingerprinting

Unfortunately, VPNs don‘t automatically protect you against other sneaky tracking techniques like cookies, advertising IDs, browser fingerprinting, and more. Additional privacy tools and settings are required to guard against these.

5. Traffic Outside the Encrypted Tunnel

Any internet traffic that leaks outside of the secure VPN tunnel of course won‘t be protected. DNS leaks are one example. Good VPN providers take measures to prevent such leaks. But you must be vigilant as well.

6. Voice/Video Calls and Local Network Traffic

VPNs only route your external internet traffic. So voice call apps, video chats, and local network device traffic won‘t funnel through the VPN tunnel by default. This can expose some of your activities.

7. Improperly Configured VPN Apps

Some VPN-capable apps don‘t automatically route all their traffic through the tunnel. You often have to dig into settings to enable full VPN connectivity to ensure complete privacy.

8. Compromised VPN Servers

There‘s always a risk of VPN servers getting compromised. This would allow monitoring of any traffic routed through those servers. To limit risk, choose a reputable VPN provider with robust security practices.

As you can see, VPNs have some definite privacy limits. But you can take steps to minimize what gets exposed…

How to Maximize Your VPN Privacy

While no VPN is perfect, you can take actions to get the very most privacy from your VPN service:

  • Manually clear your browser history, cookies, and cache frequently. Also use private/incognito browsing when possible.

  • Select a premium VPN provider focused on privacy and security, not logs.

  • Enable the VPN kill switch, which prevents leaks if the VPN connection drops unexpectedly.

  • Use the VPN provider‘s router/firewall software to tunnel all your device traffic.

  • Leverage VPN browser extensions to encrypt browser traffic only, for added security.

  • Connect to VPN servers located in jurisdictions with strict privacy laws when possible.

  • Use multi-hop connections or "double VPN" to route through multiple servers for greater obfuscation.

  • Avoid logging into accounts that would reveal your identity while using the VPN.

  • Run regular VPN/DNS leak tests using sites like ipleak.net or dnsleaktest.com.

Following best practices like these will help maximize what your VPN can hide. No VPN is bulletproof, but they remain extremely valuable tools.

The Bottom Line

As a cloud data security expert, I highly recommend using a VPN to protect your privacy and security in our modern internet age. VPNs provide a great layer of obscurity when it comes to hiding your IP address, location, browsing activities, public Wi-Fi traffic, and other sensitive data.

However, it‘s also crucial to understand what VPNs cannot hide – namely your locally stored browser histories, activities on logged accounts, and other types of potential leaks.

The ideal strategy is to use an excellent VPN in combination with secure browsing habits for rock-solid privacy. But even using a VPN alone will go a long way toward guarding your digital footprint. Ultimately, if you value your privacy, a quality VPN service is one of the wisest investments you can make today.

Luis Masters

Written by Luis Masters

Luis Masters is a highly skilled expert in cybersecurity and data security. He possesses extensive experience and profound knowledge of the latest trends and technologies in these rapidly evolving fields. Masters is particularly renowned for his ability to develop robust security strategies and innovative solutions to protect against sophisticated cyber threats.

His expertise extends to areas such as risk management, network security, and the implementation of effective data protection measures. As a sought-after speaker and author, Masters regularly contributes valuable insights into the evolving landscape of digital security. His work plays a crucial role in helping organizations navigate the complex world of online threats and data privacy.